So I've got a script "index.php" it works fine.
In the script I have this line since I don't want my db info in the php script:
The include works fine - the script connects to the db and pulls back what I want.
The conn.inc file just includes this:
Of course I don't want anyone to be able to read the conn.inc file so I have this in the .htaccess file:
Here's the weird part - to test this I put hxxp://myurl/conn.inc into a browser and I expected to get an error/forbidden message.
Instead I get the exact same results as if I'd put the index.php file into my browser.
I cleared cache, etc of course - checked file contents.
Help?
In the script I have this line since I don't want my db info in the php script:
Code:
//MySQL Database Connect
include 'conn.inc';
The include works fine - the script connects to the db and pulls back what I want.
The conn.inc file just includes this:
Code:
<?php
// Connects to Our Database
$username="my_db_uid";
$password="my_pwd";
$database="my_db_name";
mysql_connect(localhost,$username,$password);
mysql_select_db($database) or die(mysql_error());
?>
Of course I don't want anyone to be able to read the conn.inc file so I have this in the .htaccess file:
Code:
<Files ~ "^.*\.inc$">
Order allow,deny
Deny from all
</Files>
Here's the weird part - to test this I put hxxp://myurl/conn.inc into a browser and I expected to get an error/forbidden message.
Instead I get the exact same results as if I'd put the index.php file into my browser.
I cleared cache, etc of course - checked file contents.
Help?